DETAILED ACTION

The instant application having Application No. 10/577,857 is presented for
examination by the examiner. Claims 1-19 are pending.

Response to Amendment 

Double Patenting 

Examiner acknowledges Applicant's response to the double patenting rejection. 
Examiner will maintain that rejection as cited in the Office Action filed 9/8/08 until either 
the claims are amended enough to differentiate the conflicting claims or a terminal 
disclaimer is filed. 

Claims 1-6, 8-11, 13, and 16-18 are provisionally rejected on the ground of 
nonstatutory obviousness-type double patenting as being unpatentable over claims 21-26,
29, 32, 33, and 36-40 of copending Application No. 10/577158. The detailed
analysis of this rejection can be found in the Office action dated 09/08/2008. 

Response to Arguments 

Applicant's arguments filed 12/16/10 have been fully considered but they are not 
persuasive. Applicant argues the combination of Minemura and Aaltonen fails to teach 
an "identifier of security module resources". 



Application/Control Number: 10/577,857 Page 3 

Art Unit: 2431 

Aaltonen teaches an application can be tied to a specific device (0065). The 
stamping of the application with the IMSI creates a link between the application and the 
security modules (SIM). This link authorizes the application to use a particular SIM. 
Use of a SIM literally means having permission to use the SIM resources or that the 
SIM will perform calculations on an application's behalf. Either way, the stamp provides 
the identifier to the SIM resources that the application will have access to. The claim 
does not require anything further than this broadest reasonable interpretation. In fact 
the claim does not specify what the resources are or how they are used. Given that 
Minemura teaches authentication of an application and Aaltonen teaches authorizing 
the application to the security module, the combination is obvious. Authorization 
requires authentication first. Once the identity is confirmed, it may then be allowed 
access to resources afforded said identity. Contrary to Applicant's statements, there is 
no confusion between the authentication and authorization, but rather they go hand-in-hand
to create a secure embodiment. One of ordinary skill in the art could have used
both authentication and authorization together in the manner set forth by the claimed 
invention. In view of the foregoing, the rejection must be maintained. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as 
set forth in section 102 of this title, if the differences between the subject matter sought to be 
patented and the prior art are such that the subject matter as a whole would have been obvious 
at the time the invention was made to a person having ordinary skill in the art to which said 
subject matter pertains. Patentability shall not be negatived by the manner in which the invention 
was made. 

Claims 1-11 and 13-19 are rejected under 35 U.S.C. 103(a) as being
unpatentable over USP Application Publication 2003/0114144 to Minemura in view of
USP Application Publication 2005/0097053 to Aaltonen et al., hereinafter Aaltonen. 

As per claim 1, Minemura teaches an authentication method of at least one
application working in a equipment [terminal] connected by a network to a control server 
[server/service company], said equipment being locally connected to a security module 
[authentication module], said application being at least one of loaded loadable and 
executable via an application execution environment of the equipment and being 
adapted to use resources stored in the security module, the method comprising (see 
abstract): 

analyzing and verifying by the control server of said data (0192), 
generating by the control server a cryptogram comprising a digest of the 
application (0084-0085 and Fig. 6), and instructions intended for said module (0125) 
and at least one of an identifier of the application [signature; 0105, 0141, and Fig. 6; the
license information is added to the signature which is part of the cryptogram sent by the
server],

transmitting the application and the cryptogram, via the network and the 
equipment, to the security module (0085), and 

verifying, by the security module, the application by comparing the digest
extracted from the cryptogram received with a digest determined by the security module 
(0085), 

wherein, during at least one of initialization and activation of the application, the 
security module executes the instructions extracted from the cryptogram and, according 
to a result of the verification of the application, performs at least one of releasing and 
blocking access of certain resources of said security module to the application (0085). 
Minemura is silent in explicitly disclosing that the reception by the control server, via the 
network, of data comprising at least the identifier of the equipment and the identifier of 
the security module and that the cryptogram from the server includes these entities as 
well. Minemura does disclose teaching identifying data to the server from the terminal 
but not these specific entities. Aaltonen discloses sending these specific entities, the 
IMSI and IMEI information to authorize and authenticate a user terminal for downloading
of content from another entity (0065). As known in the GSM architecture, the IMSI 
identifies the SIM modules associated with a particular user of the network. The IMEI 
identifies the equipment operating on the network. Aaltonen also teaches that when an 
entity is requesting application content from another network entity, the requesting entity 
sends its IMSI and IMEI in its request. The network entity possessing the application 
content then stamps the content with the received IMSI and IMEI in order to control the 
application's use by the receiver. Minemura is silent in explicitly teaching the 
cryptogram generated by the control server further an identifier of SIM resources. 
Aaltonen discloses sending IMSI of the recipient with the application content to 
authorize and authenticate a user terminal for using the content (0065). As mentioned
above the IMSI identifies a particular SIM. 

Minemura teaching focuses on making sure that downloaded applications have 
not been tampered. Aaltonen emphasizes the mobile terminal's control of an 
application once it has been sent. The claim is obvious because one of ordinary skill in
the art could have combined the two teachings to increase security whereby mutual
authentication is used to protect both the server and terminal.

As per claim 2, Minemura teaches the equipment is a mobile equipment of 
mobile telephony (0013). 

As per claim 3, Minemura does not explicitly teach the network is a mobile network of
at least one GSM or GPRS or UMTS. Aaltonen teaches the network is a mobile 
network of at least one GSM or GPRS or UMTS (0002). Minemura's invention is in the 
mobile telephony art. GSM is one specific type of mobile communication. Therefore it 
would have been obvious to one of ordinary skill in the art at the time of the invention to 
implement Minemura's system on a GSM network. 

As per claim 4, Minemura teaches the security module is a subscriber module 
inserted into the mobile equipment of mobile telephony of the SIM card type (0013). 

As per claim 5, Minemura teaches the identification of at least one of the set 
mobile equipment and subscriber module is carried out from the identifier of the mobile 
equipment and from the identifier of the subscriber module suited to a subscriber to the 
network (0193). 

As per claim 6, Minemura teaches the instructions included in the cryptogram
received by the security module condition the use of the applications according to
criteria established previously by at least one of the operator, the application supplier,
and the user of the equipment (0125, 0141).

As per claim 7, Minemura teaches the criteria define limits of use of an 
application according to the risks associated with at least one of the software of said 
application and with the hardware of the equipment that the operator desires to take into 
account (0125, 0141 and solves the problem of 0008). 

As per claim 8, Minemura teaches the verification of the application with the 
cryptogram is carried out at the time of at least one of the first initialization and the first
use of said application (0210). 

As per claim 9, Minemura teaches the verification of the application with the 
cryptogram is periodically carried out at a given rate [expiry rate] according to
instructions originating from the control server (0143-0144).

As per claim 10, Minemura teaches the verification of the application with the 
cryptogram is carried out at the time of each initialization of said application on the 
equipment (0144). 

As per claim 11, Minemura teaches the cryptogram is generated with the aid of
an asymmetrical or symmetrical encryption key from a data set (0199) containing,
among other data, the identifier of the equipment, the identifier of the security module,
an identifier of the application (0141), the digest of the application calculated with an
unidirectional hash function and identifiers of the resources of the security module and
instructions for locking/releasing of resources of the security module (0191).

As per claim 13, Minemura teaches the security module transmits to the control
server, via the equipment and the network, a confirmation message when said security 
module has accepted or refused a cryptogram of an application (0087, provision of 
service). 

As per claim 14, Minemura teaches the cryptogram is transmitted to the security
module at the same time as the application is loaded into the equipment via the
execution environment of the applications (0210).

As per claim 15, Minemura teaches the application, once loaded into the
equipment from the control server via the network, requests a cryptogram from the
server at the time of its initialization and transmits said cryptogram to the security
module (0089), the confirmation message of acceptance or refusal of the cryptogram 
being transmitted by the security module to the server via the application (0210). 

As per claim 16, Minemura teaches the equipment is a Pay-TV decoder or a
computer to which the security module is connected (0078).

As per claim 17, Minemura teaches a security module [authentication module]
comprising resources intended to be accessed locally by at least one application
installed in an equipment [terminal] connected to a network (see abstract),

said equipment including means for reading and transmitting data (0085),

said module further including means for reception, storage, and analysis of a
cryptogram and of the at least one application received with the cryptogram (Figure 6) 

wherein the cryptogram includes, a digest of said application (0193) and 
instructions (0125), 

means for verification of said at least one application (0192), and 

means for extraction and execution of the instructions contained in the 
cryptogram, the means for extraction and execution performing at least one of blocking 
certain resources of the security module to the at least one application according to a 
result of the verification of the at least one application (0085-0089). 

Minemura is silent in explicitly disclosing that the data includes at least the 
identifier of the equipment and the identifier of the security module and that the 
cryptogram from the server includes these entities as well. Minemura does disclose 
teaching identifying data to the server from the terminal but not these specific entities. 
Aaltonen discloses sending these specific entities, the IMSI and IMEI information to 
authorize and authenticate a user terminal for downloading of content from another 
entity (0065). As known in the GSM architecture, the IMSI identifies the SIM modules 
associated with a particular user of the network. The IMEI identifies the equipment 
operating on the network. Aaltonen also teaches that when an entity is requesting 
application content from another network entity, the requesting entity sends its IMSI and 
IMEI in its request. The network entity possessing the application content then stamps 
the content with the received IMSI and IMEI in order to control the application's use by 
the receiver. Minemura teaching focuses on making sure that downloaded applications 
have not been tampered. Aaltonen emphasizes the mobile terminal's control of an
application once it has been sent. The claim is obvious because one of ordinary skill in
the art could have combined the two teachings to increase security whereby mutual
authentication is used to protect both the server and terminal.

As per claim 18, Minemura teaches the security module [IC] is at least one being 
of the "subscriber module" and "SIM card" type intended to be connected to a mobile 
equipment (0013). 

As per claim 19, Minemura teaches the security module is a subscriber 
identification module [IC] inserted into the mobile equipment of mobile telephony (0013). 

Claim 12 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Minemura and Aaltonen as applied to claim 11 and in further view of USP Application
Publication 2002/0012433 to Haverinen et al., hereinafter Haverinen.

As per claim 12, Minemura and Aaltonen are silent in disclosing a predictable variable in 
the cryptogram. Minemura does teach using a random number to prevent replay 
attacks (0192). Haverinen teaches that timestamps can be used as a substitute to
random number in authentication to prevent replay attacks. Therefore it would have 
been obvious to one of ordinary skill in the art at the time of the invention to use the 
timestamps in the cryptograms as a means to prevent malicious replay attacks by a
third party. Timestamps are known to be an adequate method of performing the same
function of a random number in the art of computer security. 

Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a).

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to MICHAEL R. VAUGHAN whose telephone number is 
(571)270-7316. The examiner can normally be reached on Monday - Thursday, 7:30am 
- 5:00pm, EST. If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, William Korzuch can be reached on 571-272-7589. The fax 
phone number for the organization where this application or proceeding is assigned is
571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated Information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/M. R. V./ 

Examiner, Art Unit 2431 

/William R. Korzuch/ 

Supervisory Patent Examiner, Art Unit 2431 



